Perimeter Defense Architecture: This architecture places firewalls, gateways, VPNs, and security gateways at the network perimeter to control access to both internal and external networks, allowing only authorized traffic to pass.
Defense-in-depth architecture: This architecture employs multilayered and diverse protection measures that deploy defenses at the network, system, application, and data levels. If any layer is compromised, the other layers continue to provide protection.
Zero Trust Architecture: The guiding principle is 'never trust by default, always verify.' Dynamic authentication occurs based on context such as identity, device, and behavior, regardless of whether traffic originates internally or externally.
Trusted Computing Architecture: Based on a hardware-level root of trust, this architecture builds a chain of trust from the lowest layer to the highest layer, ensuring the integrity of system startup and operational processes. It is commonly used in scenarios with high security requirements.
Layered defense system: This architecture designs security measures according to the OSI or TCP/IP model, covering the physical layer, network layer, system layer, application layer, and data layer, with each layer corresponding to a specific protection technology.
